2012-11-20 20:43:58 +00:00
|
|
|
{- Amazon Glacier remotes.
|
|
|
|
|
-
|
2020-01-14 19:41:34 +00:00
|
|
|
- Copyright 2012-2020 Joey Hess <id@joeyh.name>
|
2012-11-20 20:43:58 +00:00
|
|
|
-
|
2019-03-13 19:48:14 +00:00
|
|
|
- Licensed under the GNU AGPL version 3 or higher.
|
2012-11-20 20:43:58 +00:00
|
|
|
-}
|
|
|
|
|
|
2015-02-06 18:39:27 +00:00
|
|
|
module Remote.Glacier (remote, jobList, checkSaneGlacierCommand) where
|
2012-11-20 20:43:58 +00:00
|
|
|
|
|
|
|
|
import qualified Data.Map as M
|
2012-12-01 18:11:37 +00:00
|
|
|
import qualified Data.Text as T
|
2014-08-02 20:47:21 +00:00
|
|
|
import qualified Data.ByteString.Lazy as L
|
2012-11-20 20:43:58 +00:00
|
|
|
|
2016-01-20 20:36:33 +00:00
|
|
|
import Annex.Common
|
2012-11-20 20:43:58 +00:00
|
|
|
import Types.Remote
|
|
|
|
|
import qualified Git
|
|
|
|
|
import Config
|
2013-03-13 20:16:01 +00:00
|
|
|
import Config.Cost
|
2020-01-14 19:41:34 +00:00
|
|
|
import Annex.SpecialRemote.Config
|
2012-11-20 20:43:58 +00:00
|
|
|
import Remote.Helper.Special
|
2015-08-17 14:42:14 +00:00
|
|
|
import Remote.Helper.Messages
|
2019-02-20 19:55:01 +00:00
|
|
|
import Remote.Helper.ExportImport
|
2012-11-20 20:43:58 +00:00
|
|
|
import qualified Remote.Helper.AWS as AWS
|
|
|
|
|
import Creds
|
2013-03-28 21:03:04 +00:00
|
|
|
import Utility.Metered
|
2012-11-20 20:43:58 +00:00
|
|
|
import qualified Annex
|
2013-09-07 22:38:00 +00:00
|
|
|
import Annex.UUID
|
2014-01-14 20:42:10 +00:00
|
|
|
import Utility.Env
|
2020-01-10 18:10:20 +00:00
|
|
|
import Types.ProposedAccepted
|
2012-11-20 20:43:58 +00:00
|
|
|
|
|
|
|
|
type Vault = String
|
|
|
|
|
type Archive = FilePath
|
|
|
|
|
|
|
|
|
|
remote :: RemoteType
|
2020-01-14 19:41:34 +00:00
|
|
|
remote = specialRemoteType $ RemoteType
|
2017-09-07 17:45:31 +00:00
|
|
|
{ typename = "glacier"
|
|
|
|
|
, enumerate = const (findSpecialRemotes "glacier")
|
|
|
|
|
, generate = gen
|
2020-01-14 19:41:34 +00:00
|
|
|
, configParser = mkRemoteConfigParser
|
|
|
|
|
[ optionalStringParser datacenterField
|
2020-01-20 19:20:04 +00:00
|
|
|
(FieldDesc "S3 datacenter to use")
|
2020-01-14 19:41:34 +00:00
|
|
|
, optionalStringParser vaultField
|
2020-01-20 19:20:04 +00:00
|
|
|
(FieldDesc "name to use for vault")
|
2020-01-14 19:41:34 +00:00
|
|
|
, optionalStringParser fileprefixField
|
2020-01-20 19:20:04 +00:00
|
|
|
(FieldDesc "prefix to add to filenames in the vault")
|
|
|
|
|
, optionalStringParser AWS.s3credsField HiddenField
|
2020-01-14 19:41:34 +00:00
|
|
|
]
|
2017-09-07 17:45:31 +00:00
|
|
|
, setup = glacierSetup
|
|
|
|
|
, exportSupported = exportUnsupported
|
2019-02-20 19:55:01 +00:00
|
|
|
, importSupported = importUnsupported
|
2017-09-07 17:45:31 +00:00
|
|
|
}
|
2012-11-20 20:43:58 +00:00
|
|
|
|
2020-01-14 19:41:34 +00:00
|
|
|
datacenterField :: RemoteConfigField
|
|
|
|
|
datacenterField = Accepted "datacenter"
|
|
|
|
|
|
|
|
|
|
vaultField :: RemoteConfigField
|
|
|
|
|
vaultField = Accepted "vault"
|
|
|
|
|
|
|
|
|
|
fileprefixField :: RemoteConfigField
|
|
|
|
|
fileprefixField = Accepted "fileprefix"
|
|
|
|
|
|
|
|
|
|
gen :: Git.Repo -> UUID -> ParsedRemoteConfig -> RemoteGitConfig -> RemoteStateHandle -> Annex (Maybe Remote)
|
add RemoteStateHandle
This solves the problem of sameas remotes trampling over per-remote
state. Used for:
* per-remote state, of course
* per-remote metadata, also of course
* per-remote content identifiers, because two remote implementations
could in theory generate the same content identifier for two different
peices of content
While chunk logs are per-remote data, they don't use this, because the
number and size of chunks stored is a common property across sameas
remotes.
External special remote had a complication, where it was theoretically
possible for a remote to send SETSTATE or GETSTATE during INITREMOTE or
EXPORTSUPPORTED. Since the uuid of the remote is typically generate in
Remote.setup, it would only be possible to pass a Maybe
RemoteStateHandle into it, and it would otherwise have to construct its
own. Rather than go that route, I decided to send an ERROR in this case.
It seems unlikely that any existing external special remote will be
affected. They would have to make up a git-annex key, and set state for
some reason during INITREMOTE. I can imagine such a hack, but it doesn't
seem worth complicating the code in such an ugly way to support it.
Unfortunately, both TestRemote and Annex.Import needed the Remote
to have a new field added that holds its RemoteStateHandle.
2019-10-14 16:33:27 +00:00
|
|
|
gen r u c gc rs = new <$> remoteCost gc veryExpensiveRemoteCost
|
2012-11-30 04:55:59 +00:00
|
|
|
where
|
2014-08-03 19:35:23 +00:00
|
|
|
new cst = Just $ specialRemote' specialcfg c
|
2014-08-02 20:47:21 +00:00
|
|
|
(prepareStore this)
|
|
|
|
|
(prepareRetrieve this)
|
run Preparer to get Remover and CheckPresent actions
This will allow special remotes to eg, open a http connection and reuse it,
while checking if chunks are present, or removing chunks.
S3 and WebDAV both need this to support chunks with reasonable speed.
Note that a special remote might want to cache a http connection across
multiple requests. A simple case of this is that CheckPresent is typically
called before Store or Remove. A remote using this interface can certianly
use a Preparer that eg, uses a MVar to cache a http connection.
However, it's up to the remote to then deal with things like stale or
stalled http connections when eg, doing a series of downloads from a remote
and other places. There could be long delays between calls to a remote,
which could lead to eg, http connection stalls; the machine might even
move to a new network, etc.
It might be nice to improve this interface later to allow
the simple case without needing to handle the full complex case.
One way to do it would be to have a `Transaction SpecialRemote cache`,
where SpecialRemote contains methods for Storer, Retriever, Remover, and
CheckPresent, that all expect to be passed a `cache`.
2014-08-06 18:28:36 +00:00
|
|
|
(simplyPrepare $ remove this)
|
|
|
|
|
(simplyPrepare $ checkKey this)
|
2012-11-20 20:43:58 +00:00
|
|
|
this
|
2012-11-30 04:55:59 +00:00
|
|
|
where
|
2014-12-16 19:26:13 +00:00
|
|
|
this = Remote
|
|
|
|
|
{ uuid = u
|
|
|
|
|
, cost = cst
|
|
|
|
|
, name = Git.repoDescribe r
|
|
|
|
|
, storeKey = storeKeyDummy
|
|
|
|
|
, retrieveKeyFile = retreiveKeyFileDummy
|
|
|
|
|
, retrieveKeyFileCheap = retrieveCheap this
|
2018-06-21 15:35:27 +00:00
|
|
|
-- glacier-cli does not follow redirects and does
|
2018-06-21 18:14:56 +00:00
|
|
|
-- not support file://, as far as we know, but
|
|
|
|
|
-- there's no guarantee that will continue to be
|
|
|
|
|
-- the case, so require verifiable keys.
|
2018-09-25 19:32:50 +00:00
|
|
|
, retrievalSecurityPolicy = mkRetrievalVerifiableKeysSecure gc
|
2014-12-16 19:26:13 +00:00
|
|
|
, removeKey = removeKeyDummy
|
2015-10-08 19:01:38 +00:00
|
|
|
, lockContent = Nothing
|
2014-12-16 19:26:13 +00:00
|
|
|
, checkPresent = checkPresentDummy
|
|
|
|
|
, checkPresentCheap = False
|
2017-09-01 17:02:07 +00:00
|
|
|
, exportActions = exportUnsupported
|
2019-02-20 19:55:01 +00:00
|
|
|
, importActions = importUnsupported
|
2014-12-16 19:26:13 +00:00
|
|
|
, whereisKey = Nothing
|
|
|
|
|
, remoteFsck = Nothing
|
|
|
|
|
, repairRepo = Nothing
|
|
|
|
|
, config = c
|
2018-06-04 18:31:55 +00:00
|
|
|
, getRepo = return r
|
2014-12-16 19:26:13 +00:00
|
|
|
, gitconfig = gc
|
|
|
|
|
, localpath = Nothing
|
|
|
|
|
, readonly = False
|
2018-08-30 15:12:18 +00:00
|
|
|
, appendonly = False
|
2014-12-16 19:26:13 +00:00
|
|
|
, availability = GloballyAvailable
|
|
|
|
|
, remotetype = remote
|
|
|
|
|
, mkUnavailable = return Nothing
|
|
|
|
|
, getInfo = includeCredsInfo c (AWS.creds u) $
|
|
|
|
|
[ ("glacier vault", getVault c) ]
|
|
|
|
|
, claimUrl = Nothing
|
|
|
|
|
, checkUrl = Nothing
|
add RemoteStateHandle
This solves the problem of sameas remotes trampling over per-remote
state. Used for:
* per-remote state, of course
* per-remote metadata, also of course
* per-remote content identifiers, because two remote implementations
could in theory generate the same content identifier for two different
peices of content
While chunk logs are per-remote data, they don't use this, because the
number and size of chunks stored is a common property across sameas
remotes.
External special remote had a complication, where it was theoretically
possible for a remote to send SETSTATE or GETSTATE during INITREMOTE or
EXPORTSUPPORTED. Since the uuid of the remote is typically generate in
Remote.setup, it would only be possible to pass a Maybe
RemoteStateHandle into it, and it would otherwise have to construct its
own. Rather than go that route, I decided to send an ERROR in this case.
It seems unlikely that any existing external special remote will be
affected. They would have to make up a git-annex key, and set state for
some reason during INITREMOTE. I can imagine such a hack, but it doesn't
seem worth complicating the code in such an ugly way to support it.
Unfortunately, both TestRemote and Annex.Import needed the Remote
to have a new field added that holds its RemoteStateHandle.
2019-10-14 16:33:27 +00:00
|
|
|
, remoteStateHandle = rs
|
2014-12-16 19:26:13 +00:00
|
|
|
}
|
2014-08-03 19:35:23 +00:00
|
|
|
specialcfg = (specialRemoteCfg c)
|
|
|
|
|
-- Disabled until jobList gets support for chunks.
|
|
|
|
|
{ chunkConfig = NoChunks
|
|
|
|
|
}
|
2012-11-20 20:43:58 +00:00
|
|
|
|
2017-02-07 18:35:58 +00:00
|
|
|
glacierSetup :: SetupStage -> Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID)
|
|
|
|
|
glacierSetup ss mu mcreds c gc = do
|
2013-09-07 22:38:00 +00:00
|
|
|
u <- maybe (liftIO genUUID) return mu
|
2017-02-07 18:35:58 +00:00
|
|
|
glacierSetup' ss u mcreds c gc
|
|
|
|
|
glacierSetup' :: SetupStage -> UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID)
|
|
|
|
|
glacierSetup' ss u mcreds c gc = do
|
2016-05-23 21:27:15 +00:00
|
|
|
(c', encsetup) <- encryptionSetup c gc
|
2016-05-23 21:08:43 +00:00
|
|
|
c'' <- setRemoteCredPair encsetup c' gc (AWS.creds u) mcreds
|
glacier, S3: Fix bug that caused embedded creds to not be encypted using the remote's key.
encryptionSetup must be called before setRemoteCredPair. Otherwise,
the RemoteConfig doesn't have the cipher in it, and so no cipher is used to
encrypt the embedded creds.
This is a security fix for non-shared encryption methods!
For encryption=shared, there's no security problem, just an
inconsistentency in whether the embedded creds are encrypted.
This is very important to get right, so used some types to help ensure that
setRemoteCredPair is only run after encryptionSetup. Note that the external
special remote bypasses the type safety, since creds can be set after the
initial remote config, if the external special remote program requests it.
Also note that IA remotes never use encryption, so encryptionSetup is not
run for them at all, and again the type safety is bypassed.
This leaves two open questions:
1. What to do about S3 and glacier remotes that were set up
using encryption=pubkey/hybrid with embedcreds?
Such a git repo has a security hole embedded in it, and this needs to be
communicated to the user. Is the changelog enough?
2. enableremote won't work in such a repo, because git-annex will
try to decrypt the embedded creds, which are not encrypted, so fails.
This needs to be dealt with, especially for ecryption=shared repos,
which are not really broken, just inconsistently configured.
Noticing that problem for encryption=shared is what led to commit
fbdeeeed5fa276d94be587c8916d725eddcaf546, which tried to
fix the problem by not decrypting the embedded creds.
This commit was sponsored by Josh Taylor.
2014-09-18 21:07:17 +00:00
|
|
|
let fullconfig = c'' `M.union` defaults
|
add LISTCONFIGS to external special remote protocol
Special remote programs that use GETCONFIG/SETCONFIG are recommended
to implement it.
The description is not yet used, but will be useful later when adding a way
to make initremote list all accepted configs.
configParser now takes a RemoteConfig parameter. Normally, that's not
needed, because configParser returns a parter, it does not parse it
itself. But, it's needed to look at externaltype and work out what
external remote program to run for LISTCONFIGS.
Note that, while externalUUID is changed to a Maybe UUID, checkExportSupported
used to use NoUUID. The code that now checks for Nothing used to behave
in some undefined way if the external program made requests that
triggered it.
Also, note that in externalSetup, once it generates external,
it parses the RemoteConfig strictly. That generates a
ParsedRemoteConfig, which is thrown away. The reason it's ok to throw
that away, is that, if the strict parse succeeded, the result must be
the same as the earlier, lenient parse.
initremote of an external special remote now runs the program three
times. First for LISTCONFIGS, then EXPORTSUPPORTED, and again
LISTCONFIGS+INITREMOTE. It would not be hard to eliminate at least
one of those, and it should be possible to only run the program once.
2020-01-17 19:30:14 +00:00
|
|
|
pc <- either giveup return . parseRemoteConfig fullconfig
|
|
|
|
|
=<< configParser remote fullconfig
|
2017-09-04 16:40:33 +00:00
|
|
|
case ss of
|
2020-01-14 19:41:34 +00:00
|
|
|
Init -> genVault pc gc u
|
2017-09-04 16:40:33 +00:00
|
|
|
_ -> return ()
|
2018-03-27 16:41:57 +00:00
|
|
|
gitConfigSpecialRemote u fullconfig [("glacier", "true")]
|
2014-03-27 18:30:36 +00:00
|
|
|
return (fullconfig, u)
|
2012-11-20 20:43:58 +00:00
|
|
|
where
|
2019-10-10 17:08:17 +00:00
|
|
|
remotename = fromJust (lookupName c)
|
2012-11-20 20:43:58 +00:00
|
|
|
defvault = remotename ++ "-" ++ fromUUID u
|
|
|
|
|
defaults = M.fromList
|
2020-01-15 15:05:07 +00:00
|
|
|
[ (datacenterField, Proposed $ T.unpack $ AWS.defaultRegion AWS.Glacier)
|
|
|
|
|
, (vaultField, Proposed defvault)
|
2012-11-20 20:43:58 +00:00
|
|
|
]
|
|
|
|
|
|
2014-08-02 20:47:21 +00:00
|
|
|
prepareStore :: Remote -> Preparer Storer
|
|
|
|
|
prepareStore r = checkPrepare nonEmpty (byteStorer $ store r)
|
|
|
|
|
|
|
|
|
|
nonEmpty :: Key -> Annex Bool
|
|
|
|
|
nonEmpty k
|
2019-11-22 20:24:04 +00:00
|
|
|
| fromKey keySize k == Just 0 = do
|
2012-11-20 20:43:58 +00:00
|
|
|
warning "Cannot store empty files in Glacier."
|
|
|
|
|
return False
|
2014-08-02 20:47:21 +00:00
|
|
|
| otherwise = return True
|
2012-11-25 17:42:28 +00:00
|
|
|
|
2014-08-02 20:47:21 +00:00
|
|
|
store :: Remote -> Key -> L.ByteString -> MeterUpdate -> Annex Bool
|
2016-05-23 21:03:20 +00:00
|
|
|
store r k b p = go =<< glacierEnv c gc u
|
2012-11-25 17:27:20 +00:00
|
|
|
where
|
2012-11-30 04:55:59 +00:00
|
|
|
c = config r
|
2016-05-23 21:03:20 +00:00
|
|
|
gc = gitconfig r
|
2012-11-25 17:27:20 +00:00
|
|
|
u = uuid r
|
|
|
|
|
params = glacierParams c
|
2012-11-20 20:43:58 +00:00
|
|
|
[ Param "archive"
|
|
|
|
|
, Param "upload"
|
|
|
|
|
, Param "--name", Param $ archive r k
|
2012-11-30 04:55:59 +00:00
|
|
|
, Param $ getVault $ config r
|
2012-11-25 17:27:20 +00:00
|
|
|
, Param "-"
|
2012-11-20 20:43:58 +00:00
|
|
|
]
|
2012-11-25 17:27:20 +00:00
|
|
|
go Nothing = return False
|
|
|
|
|
go (Just e) = do
|
2014-08-02 20:47:21 +00:00
|
|
|
let cmd = (proc "glacier" (toCommand params)) { env = Just e }
|
2012-11-25 17:27:20 +00:00
|
|
|
liftIO $ catchBoolIO $
|
2014-08-02 20:47:21 +00:00
|
|
|
withHandle StdinHandle createProcessSuccess cmd $ \h -> do
|
|
|
|
|
meteredWrite p h b
|
2012-11-25 17:27:20 +00:00
|
|
|
return True
|
2012-11-20 20:43:58 +00:00
|
|
|
|
2014-08-02 20:47:21 +00:00
|
|
|
prepareRetrieve :: Remote -> Preparer Retriever
|
2014-08-03 05:12:24 +00:00
|
|
|
prepareRetrieve = simplyPrepare . byteRetriever . retrieve
|
2014-08-02 20:47:21 +00:00
|
|
|
|
2014-08-03 05:12:24 +00:00
|
|
|
retrieve :: Remote -> Key -> (L.ByteString -> Annex Bool) -> Annex Bool
|
2016-05-23 21:03:20 +00:00
|
|
|
retrieve r k sink = go =<< glacierEnv c gc u
|
2012-11-25 17:42:28 +00:00
|
|
|
where
|
2012-11-30 04:55:59 +00:00
|
|
|
c = config r
|
2016-05-23 21:03:20 +00:00
|
|
|
gc = gitconfig r
|
2012-11-25 17:42:28 +00:00
|
|
|
u = uuid r
|
|
|
|
|
params = glacierParams c
|
2012-11-20 20:43:58 +00:00
|
|
|
[ Param "archive"
|
|
|
|
|
, Param "retrieve"
|
2012-11-25 17:42:28 +00:00
|
|
|
, Param "-o-"
|
2012-11-30 04:55:59 +00:00
|
|
|
, Param $ getVault $ config r
|
2012-11-20 20:43:58 +00:00
|
|
|
, Param $ archive r k
|
|
|
|
|
]
|
2016-11-16 01:29:54 +00:00
|
|
|
go Nothing = giveup "cannot retrieve from glacier"
|
2012-11-25 17:42:28 +00:00
|
|
|
go (Just e) = do
|
2014-10-20 19:11:01 +00:00
|
|
|
let cmd = (proc "glacier" (toCommand params))
|
|
|
|
|
{ env = Just e
|
|
|
|
|
, std_out = CreatePipe
|
|
|
|
|
}
|
2014-08-03 05:12:24 +00:00
|
|
|
(_, Just h, _, pid) <- liftIO $ createProcess cmd
|
|
|
|
|
-- Glacier cannot store empty files, so if the output is
|
|
|
|
|
-- empty, the content is not available yet.
|
|
|
|
|
ok <- ifM (liftIO $ hIsEOF h)
|
|
|
|
|
( return False
|
|
|
|
|
, sink =<< liftIO (L.hGetContents h)
|
|
|
|
|
)
|
|
|
|
|
liftIO $ hClose h
|
|
|
|
|
liftIO $ forceSuccessProcess cmd pid
|
2014-08-02 20:47:21 +00:00
|
|
|
unless ok $ do
|
|
|
|
|
showLongNote "Recommend you wait up to 4 hours, and then run this command again."
|
2014-08-03 05:12:24 +00:00
|
|
|
return ok
|
|
|
|
|
|
2015-04-14 20:35:10 +00:00
|
|
|
retrieveCheap :: Remote -> Key -> AssociatedFile -> FilePath -> Annex Bool
|
|
|
|
|
retrieveCheap _ _ _ _ = return False
|
2012-11-20 20:43:58 +00:00
|
|
|
|
run Preparer to get Remover and CheckPresent actions
This will allow special remotes to eg, open a http connection and reuse it,
while checking if chunks are present, or removing chunks.
S3 and WebDAV both need this to support chunks with reasonable speed.
Note that a special remote might want to cache a http connection across
multiple requests. A simple case of this is that CheckPresent is typically
called before Store or Remove. A remote using this interface can certianly
use a Preparer that eg, uses a MVar to cache a http connection.
However, it's up to the remote to then deal with things like stale or
stalled http connections when eg, doing a series of downloads from a remote
and other places. There could be long delays between calls to a remote,
which could lead to eg, http connection stalls; the machine might even
move to a new network, etc.
It might be nice to improve this interface later to allow
the simple case without needing to handle the full complex case.
One way to do it would be to have a `Transaction SpecialRemote cache`,
where SpecialRemote contains methods for Storer, Retriever, Remover, and
CheckPresent, that all expect to be passed a `cache`.
2014-08-06 18:28:36 +00:00
|
|
|
remove :: Remote -> Remover
|
2012-11-20 20:43:58 +00:00
|
|
|
remove r k = glacierAction r
|
|
|
|
|
[ Param "archive"
|
2014-08-02 20:47:21 +00:00
|
|
|
|
2012-11-20 20:43:58 +00:00
|
|
|
, Param "delete"
|
2012-11-30 04:55:59 +00:00
|
|
|
, Param $ getVault $ config r
|
2012-11-20 20:43:58 +00:00
|
|
|
, Param $ archive r k
|
|
|
|
|
]
|
|
|
|
|
|
run Preparer to get Remover and CheckPresent actions
This will allow special remotes to eg, open a http connection and reuse it,
while checking if chunks are present, or removing chunks.
S3 and WebDAV both need this to support chunks with reasonable speed.
Note that a special remote might want to cache a http connection across
multiple requests. A simple case of this is that CheckPresent is typically
called before Store or Remove. A remote using this interface can certianly
use a Preparer that eg, uses a MVar to cache a http connection.
However, it's up to the remote to then deal with things like stale or
stalled http connections when eg, doing a series of downloads from a remote
and other places. There could be long delays between calls to a remote,
which could lead to eg, http connection stalls; the machine might even
move to a new network, etc.
It might be nice to improve this interface later to allow
the simple case without needing to handle the full complex case.
One way to do it would be to have a `Transaction SpecialRemote cache`,
where SpecialRemote contains methods for Storer, Retriever, Remover, and
CheckPresent, that all expect to be passed a `cache`.
2014-08-06 18:28:36 +00:00
|
|
|
checkKey :: Remote -> CheckPresent
|
2014-08-06 17:45:19 +00:00
|
|
|
checkKey r k = do
|
2015-08-17 14:42:14 +00:00
|
|
|
showChecking r
|
2016-05-23 21:03:20 +00:00
|
|
|
go =<< glacierEnv (config r) (gitconfig r) (uuid r)
|
2012-11-20 20:43:58 +00:00
|
|
|
where
|
2016-11-16 01:29:54 +00:00
|
|
|
go Nothing = giveup "cannot check glacier"
|
2012-11-25 17:27:20 +00:00
|
|
|
go (Just e) = do
|
2012-11-20 20:43:58 +00:00
|
|
|
{- glacier checkpresent outputs the archive name to stdout if
|
|
|
|
|
- it's present. -}
|
2014-08-06 17:45:19 +00:00
|
|
|
s <- liftIO $ readProcessEnv "glacier" (toCommand params) (Just e)
|
2019-01-14 17:03:35 +00:00
|
|
|
let probablypresent = serializeKey k `elem` lines s
|
2014-08-06 17:45:19 +00:00
|
|
|
if probablypresent
|
|
|
|
|
then ifM (Annex.getFlag "trustglacier")
|
2016-11-16 01:29:54 +00:00
|
|
|
( return True, giveup untrusted )
|
2014-08-06 17:45:19 +00:00
|
|
|
else return False
|
2012-11-20 20:43:58 +00:00
|
|
|
|
2014-03-05 03:22:24 +00:00
|
|
|
params = glacierParams (config r)
|
2012-11-20 20:43:58 +00:00
|
|
|
[ Param "archive"
|
|
|
|
|
, Param "checkpresent"
|
2012-11-30 04:55:59 +00:00
|
|
|
, Param $ getVault $ config r
|
2012-11-21 23:35:28 +00:00
|
|
|
, Param "--quiet"
|
2012-11-20 20:43:58 +00:00
|
|
|
, Param $ archive r k
|
|
|
|
|
]
|
|
|
|
|
|
2014-08-06 17:45:19 +00:00
|
|
|
untrusted = unlines
|
2012-11-20 20:43:58 +00:00
|
|
|
[ "Glacier's inventory says it has a copy."
|
|
|
|
|
, "However, the inventory could be out of date, if it was recently removed."
|
|
|
|
|
, "(Use --trust-glacier if you're sure it's still in Glacier.)"
|
|
|
|
|
, ""
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
glacierAction :: Remote -> [CommandParam] -> Annex Bool
|
2016-05-23 21:03:20 +00:00
|
|
|
glacierAction r = runGlacier (config r) (gitconfig r) (uuid r)
|
2012-11-20 20:43:58 +00:00
|
|
|
|
2020-01-14 19:41:34 +00:00
|
|
|
runGlacier :: ParsedRemoteConfig -> RemoteGitConfig -> UUID -> [CommandParam] -> Annex Bool
|
2016-05-23 21:03:20 +00:00
|
|
|
runGlacier c gc u params = go =<< glacierEnv c gc u
|
2012-11-20 20:43:58 +00:00
|
|
|
where
|
|
|
|
|
go Nothing = return False
|
2012-11-25 17:27:20 +00:00
|
|
|
go (Just e) = liftIO $
|
|
|
|
|
boolSystemEnv "glacier" (glacierParams c params) (Just e)
|
2012-11-20 20:43:58 +00:00
|
|
|
|
2020-01-14 19:41:34 +00:00
|
|
|
glacierParams :: ParsedRemoteConfig -> [CommandParam] -> [CommandParam]
|
2012-11-25 17:27:20 +00:00
|
|
|
glacierParams c params = datacenter:params
|
|
|
|
|
where
|
2012-11-20 20:43:58 +00:00
|
|
|
datacenter = Param $ "--region=" ++
|
2020-01-14 19:41:34 +00:00
|
|
|
fromMaybe (giveup "Missing datacenter configuration")
|
|
|
|
|
(getRemoteConfigValue datacenterField c)
|
2012-11-20 20:43:58 +00:00
|
|
|
|
2020-01-14 19:41:34 +00:00
|
|
|
glacierEnv :: ParsedRemoteConfig -> RemoteGitConfig -> UUID -> Annex (Maybe [(String, String)])
|
2016-05-23 21:03:20 +00:00
|
|
|
glacierEnv c gc u = do
|
2015-02-06 18:39:27 +00:00
|
|
|
liftIO checkSaneGlacierCommand
|
2016-05-23 21:03:20 +00:00
|
|
|
go =<< getRemoteCredPairFor "glacier" c gc creds
|
2012-11-20 20:43:58 +00:00
|
|
|
where
|
|
|
|
|
go Nothing = return Nothing
|
|
|
|
|
go (Just (user, pass)) = do
|
2012-11-25 17:27:20 +00:00
|
|
|
e <- liftIO getEnvironment
|
2014-01-14 20:42:10 +00:00
|
|
|
return $ Just $ addEntries [(uk, user), (pk, pass)] e
|
2012-11-20 20:43:58 +00:00
|
|
|
|
|
|
|
|
creds = AWS.creds u
|
|
|
|
|
(uk, pk) = credPairEnvironment creds
|
|
|
|
|
|
2020-01-14 19:41:34 +00:00
|
|
|
getVault :: ParsedRemoteConfig -> Vault
|
|
|
|
|
getVault = fromMaybe (giveup "Missing vault configuration")
|
|
|
|
|
. getRemoteConfigValue vaultField
|
2012-11-20 20:43:58 +00:00
|
|
|
|
|
|
|
|
archive :: Remote -> Key -> Archive
|
2019-01-14 17:03:35 +00:00
|
|
|
archive r k = fileprefix ++ serializeKey k
|
2012-11-20 20:43:58 +00:00
|
|
|
where
|
2020-01-14 19:41:34 +00:00
|
|
|
fileprefix = fromMaybe "" $
|
|
|
|
|
getRemoteConfigValue fileprefixField $ config r
|
2012-11-20 20:43:58 +00:00
|
|
|
|
2020-01-14 19:41:34 +00:00
|
|
|
genVault :: ParsedRemoteConfig -> RemoteGitConfig -> UUID -> Annex ()
|
2016-05-23 21:03:20 +00:00
|
|
|
genVault c gc u = unlessM (runGlacier c gc u params) $
|
2016-11-16 01:29:54 +00:00
|
|
|
giveup "Failed creating glacier vault."
|
2012-11-20 20:43:58 +00:00
|
|
|
where
|
|
|
|
|
params =
|
|
|
|
|
[ Param "vault"
|
|
|
|
|
, Param "create"
|
2012-11-29 18:49:20 +00:00
|
|
|
, Param $ getVault c
|
2012-11-20 20:43:58 +00:00
|
|
|
]
|
2012-11-29 18:49:20 +00:00
|
|
|
|
|
|
|
|
{- Partitions the input list of keys into ones which have
|
|
|
|
|
- glacier retieval jobs that have succeeded, or failed.
|
|
|
|
|
-
|
|
|
|
|
- A complication is that `glacier job list` will display the encrypted
|
|
|
|
|
- keys when the remote is encrypted.
|
2014-08-02 20:47:21 +00:00
|
|
|
-
|
|
|
|
|
- Dealing with encrypted chunked keys would be tricky. However, there
|
|
|
|
|
- seems to be no benefit to using chunking with glacier, so chunking is
|
|
|
|
|
- not supported.
|
2012-11-29 18:49:20 +00:00
|
|
|
-}
|
|
|
|
|
jobList :: Remote -> [Key] -> Annex ([Key], [Key])
|
2016-05-23 21:03:20 +00:00
|
|
|
jobList r keys = go =<< glacierEnv (config r) (gitconfig r) (uuid r)
|
2012-11-29 18:49:20 +00:00
|
|
|
where
|
|
|
|
|
params = [ Param "job", Param "list" ]
|
|
|
|
|
nada = ([], [])
|
2012-11-30 04:55:59 +00:00
|
|
|
myvault = getVault $ config r
|
2012-11-29 18:49:20 +00:00
|
|
|
|
|
|
|
|
go Nothing = return nada
|
|
|
|
|
go (Just e) = do
|
|
|
|
|
v <- liftIO $ catchMaybeIO $
|
|
|
|
|
readProcessEnv "glacier" (toCommand params) (Just e)
|
|
|
|
|
maybe (return nada) extract v
|
|
|
|
|
|
|
|
|
|
extract s = do
|
|
|
|
|
let result@(succeeded, failed) =
|
|
|
|
|
parse nada $ (map words . lines) s
|
|
|
|
|
if result == nada
|
|
|
|
|
then return nada
|
|
|
|
|
else do
|
|
|
|
|
enckeys <- forM keys $ \k ->
|
2014-07-27 00:21:36 +00:00
|
|
|
maybe k (\(_, enck) -> enck k)
|
2016-05-23 21:27:15 +00:00
|
|
|
<$> cipherKey (config r) (gitconfig r)
|
2012-11-29 18:49:20 +00:00
|
|
|
let keymap = M.fromList $ zip enckeys keys
|
2013-09-26 03:19:01 +00:00
|
|
|
let convert = mapMaybe (`M.lookup` keymap)
|
2012-11-29 18:49:20 +00:00
|
|
|
return (convert succeeded, convert failed)
|
|
|
|
|
|
|
|
|
|
parse c [] = c
|
|
|
|
|
parse c@(succeeded, failed) ((status:_date:vault:key:[]):rest)
|
|
|
|
|
| vault == myvault =
|
2019-01-14 17:03:35 +00:00
|
|
|
case deserializeKey key of
|
2012-11-29 18:49:20 +00:00
|
|
|
Nothing -> parse c rest
|
|
|
|
|
Just k
|
|
|
|
|
| "a/d" `isPrefixOf` status ->
|
|
|
|
|
parse (k:succeeded, failed) rest
|
|
|
|
|
| "a/e" `isPrefixOf` status ->
|
|
|
|
|
parse (succeeded, k:failed) rest
|
|
|
|
|
| otherwise ->
|
|
|
|
|
parse c rest
|
|
|
|
|
parse c (_:rest) = parse c rest
|
2015-02-06 18:39:27 +00:00
|
|
|
|
|
|
|
|
-- boto's version of glacier exits 0 when given a parameter it doesn't
|
|
|
|
|
-- understand. See https://github.com/boto/boto/issues/2942
|
|
|
|
|
checkSaneGlacierCommand :: IO ()
|
|
|
|
|
checkSaneGlacierCommand =
|
|
|
|
|
whenM ((Nothing /=) <$> catchMaybeIO shouldfail) $
|
2016-11-16 01:29:54 +00:00
|
|
|
giveup wrongcmd
|
2015-02-06 18:39:27 +00:00
|
|
|
where
|
|
|
|
|
test = proc "glacier" ["--compatibility-test-git-annex"]
|
|
|
|
|
shouldfail = withQuietOutput createProcessSuccess test
|
|
|
|
|
wrongcmd = "The glacier program in PATH seems to be from boto, not glacier-cli. Cannot use this program."
|